British police and intelligence agencies might soon be able to get private data by going straight to the doorsteps of American companies like Google and Facebook, if a new bilateral deal between the two countries goes through.
The US and UK already have extensive intelligence-sharing arrangements as members of the globe-spanning Five Eyes spying alliance. But this new surveillance pact, which is being negotiated in secret, would give British spies an unprecedented level of access to American companies, allowing them to set up wiretaps and serve “production orders” directly on corporate servers located on American soil.
“Last time they did this, we assembled the Minutemen,” NSA whistleblower Edward Snowden tweeted, referring to the specialized militias that fought for the colonies in the Revolutionary War.
The wiretaps and search orders would need to be accompanied by a warrant, but, unlike in the US judicial system, they wouldn't require a judge's signature or finding of probable cause. British spies also wouldn't be allowed to access communications and data belonging to American citizens—although that claim is always questionable considering the various loopholes that allow the NSA and GCHQ to retain “incidentally” collected information.
A US Justice Department official told Reuters that the deal “would require legislation to take effect.” That would likely involve changes to the Wiretap Act and the Stored Communications Act, which handle when the government can intercept communications and can compel access to data kept by third parties, respectively.
The new arrangement is being pitched as a solution to what both governments view as a “conflict of laws” preventing UK authorities from quickly accessing UK citizen data stored on US soil.
It would also likely cause some major FOMO among other nations, many of which have expressed frustration with getting data from US companies. US firms like Facebook, Google, and Twitter comply with data requests from the US and UK governments far more often than they do with other countries, and some of them have started taking matters into their own hands. Russia, for example, currently has a law requiring data on Russian citizens to be stored on Russian soil, where it can be intercepted by the Kremlin's nationwide surveillance system, SORM—though it has yet to be properly enforced.